Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/347c9a-0197-4762-8523-7bad5bae51e4/1/1--_Pra55j5vU4AW5fs8K_BXLtm4.roa
File: 1--_Pra55j5vU4AW5fs8K_BXLtm4.roa (raw, json)
Hash identifier: Ded8iBiyEkn9Sz0Ngh8CNZL7SKS7jfdmY+71s8swWs0=
Subject key identifier: FB:EF:CF:AD:AE:79:8F:9B:D4:E0:05:B9:7E:CF:0A:FC:15:CB:B6:6E
Certificate issuer: /CN=9de6e4272e2ce387b4cc04b143f73309d713629b
Certificate serial: 018FE1F8753650725EECB069E07F2D6FD68B
Authority key identifier: 9D:E6:E4:27:2E:2C:E3:87:B4:CC:04:B1:43:F7:33:09:D7:13:62:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nebkJy4s44e0zASxQ_czCdcTYps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/347c9a-0197-4762-8523-7bad5bae51e4/1/1--_Pra55j5vU4AW5fs8K_BXLtm4.roa
Signing time: Tue 04 Jun 2024 06:38:27 +0000
ROA not before: Tue 04 Jun 2024 06:38:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15435
IP address blocks: 62.45.0.0/16 maxlen: 24
213.184.96.0/19 maxlen: 24
2001:4c38::/29 maxlen: 48
2a0f:900::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/347c9a-0197-4762-8523-7bad5bae51e4/1/nebkJy4s44e0zASxQ_czCdcTYps.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/347c9a-0197-4762-8523-7bad5bae51e4/1/nebkJy4s44e0zASxQ_czCdcTYps.mft
rsync://rpki.ripe.net/repository/DEFAULT/nebkJy4s44e0zASxQ_czCdcTYps.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e1:f8:75:36:50:72:5e:ec:b0:69:e0:7f:2d:6f:d6:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9de6e4272e2ce387b4cc04b143f73309d713629b
Validity
Not Before: Jun 4 06:38:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fbefcfadae798f9bd4e005b97ecf0afc15cbb66e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ee:d2:59:ea:4f:b6:32:0e:b3:ee:d6:cd:2a:
2e:02:15:75:40:08:5e:0e:ed:65:1c:9e:74:5b:d2:
71:24:84:9c:98:c4:bb:7c:80:bb:b9:da:ad:05:e6:
64:22:9f:f1:bf:82:46:e7:a1:59:de:87:f3:15:a2:
be:f9:da:e5:b5:8d:a4:26:87:00:45:01:47:15:1a:
de:2b:da:6c:a9:ba:23:81:a8:7c:2c:52:19:4c:fa:
e2:4d:05:fc:56:25:43:c1:fe:08:0d:18:c7:1b:fa:
b2:91:fc:ca:fc:81:bf:7f:53:40:5f:aa:62:0f:e0:
ed:67:99:bd:53:7a:f5:c0:ad:4a:45:df:c4:07:07:
a4:9c:e7:0f:29:37:a7:d7:30:36:aa:b3:53:b8:9a:
9b:61:bc:66:4a:a1:52:21:e3:7d:c7:f0:59:ae:6f:
4e:e2:f5:6d:aa:80:c3:20:9a:d6:06:e1:50:b5:40:
20:cd:3b:fb:dc:1c:e9:c6:31:6a:1f:07:44:56:2d:
22:df:c6:06:85:66:f8:e4:c5:bc:6a:16:65:23:06:
b4:88:86:14:b5:9a:e7:9f:95:d5:57:93:a9:35:03:
dd:1e:83:21:ad:dc:9d:de:60:c4:23:e4:4f:b7:99:
1d:8e:a8:7b:e6:a1:dd:b8:ca:e5:a0:cb:6d:3c:34:
0e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:EF:CF:AD:AE:79:8F:9B:D4:E0:05:B9:7E:CF:0A:FC:15:CB:B6:6E
X509v3 Authority Key Identifier:
keyid:9D:E6:E4:27:2E:2C:E3:87:B4:CC:04:B1:43:F7:33:09:D7:13:62:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nebkJy4s44e0zASxQ_czCdcTYps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/347c9a-0197-4762-8523-7bad5bae51e4/1/1--_Pra55j5vU4AW5fs8K_BXLtm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/347c9a-0197-4762-8523-7bad5bae51e4/1/nebkJy4s44e0zASxQ_czCdcTYps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.45.0.0/16
213.184.96.0/19
IPv6:
2001:4c38::/29
2a0f:900::/29
Signature Algorithm: sha256WithRSAEncryption
c9:d8:86:e9:62:52:c0:da:82:ae:be:21:06:cf:00:f3:f1:d7:
77:52:a7:c5:31:dc:72:11:e7:05:77:40:f0:b2:0b:b8:8c:1e:
d9:41:a6:46:1f:6f:8c:1c:dd:d9:af:57:46:d4:bf:14:d7:50:
ea:b9:bb:07:ac:8d:5b:78:a9:b1:67:2b:8d:5d:c0:8c:42:db:
5c:ea:9c:4b:88:66:b5:f8:7e:b2:d4:1a:db:f9:33:83:d6:11:
1b:e1:dc:e2:06:07:1f:44:b7:cf:04:a3:2c:fb:4f:03:82:65:
b8:97:92:23:f1:3a:13:d4:b3:4b:22:26:1c:b0:74:19:72:dd:
c1:e4:65:5a:2b:fe:ec:d0:f5:d8:9c:4f:67:04:d6:58:9e:62:
46:0d:ef:39:62:47:bd:24:a6:3b:a2:14:11:cd:19:b6:0a:65:
01:42:44:61:85:29:8e:6d:51:de:49:38:fb:3f:db:a6:52:15:
52:7b:14:db:2d:41:44:58:55:fd:0d:09:dd:23:13:93:37:3e:
5c:82:ce:87:c0:75:4a:0f:54:34:d0:39:05:f8:00:43:71:e0:
b9:a5:0b:0d:5b:de:54:9e:ed:26:08:18:4d:7d:2a:e4:49:13:
bd:87:a1:21:22:98:31:3e:40:f6:47:f6:60:11:78:1c:54:6e:
05:63:f3:9d
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY/h+HU2UHJe7LBp4H8tb9aLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkZTZlNDI3MmUyY2UzODdiNGNjMDRiMTQzZjczMzA5ZDcx
MzYyOWIwHhcNMjQwNjA0MDYzODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmVmY2ZhZGFlNzk4ZjliZDRlMDA1Yjk3ZWNmMGFmYzE1Y2JiNjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqe7SWepPtjIOs+7WzSouAhV1QAhe
Du1lHJ50W9JxJIScmMS7fIC7udqtBeZkIp/xv4JG56FZ3ofzFaK++drltY2kJocA
RQFHFRreK9psqbojgah8LFIZTPriTQX8ViVDwf4IDRjHG/qykfzK/IG/f1NAX6pi
D+DtZ5m9U3r1wK1KRd/EBweknOcPKTen1zA2qrNTuJqbYbxmSqFSIeN9x/BZrm9O
4vVtqoDDIJrWBuFQtUAgzTv73BzpxjFqHwdEVi0i38YGhWb45MW8ahZlIwa0iIYU
tZrnn5XVV5OpNQPdHoMhrdyd3mDEI+RPt5kdjqh75qHduMrloMttPDQOYQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPvvz62ueY+b1OAFuX7PCvwVy7ZuMB8GA1UdIwQY
MBaAFJ3m5CcuLOOHtMwEsUP3MwnXE2KbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmVia0p5NHM0NGUwekFTeFFfY3pDZGNUWXBzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8zNDdjOWEtMDE5Ny00NzYyLTg1MjMt
N2JhZDViYWU1MWU0LzEvMS0tX1ByYTU1ajV2VTRBVzVmczhLX0JYTHRtNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWMvMzQ3YzlhLTAxOTctNDc2Mi04NTIzLTdiYWQ1YmFlNTFl
NC8xL25lYmtKeTRzNDRlMHpBU3hRX2N6Q2RjVFlwcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA6BggrBgEFBQcBBwEB/wQrMCkwEQQCAAEwCwMDAD4tAwQF
1bhgMBQEAgACMA4DBQMgAUw4AwUDKg8JADANBgkqhkiG9w0BAQsFAAOCAQEAydiG
6WJSwNqCrr4hBs8A8/HXd1KnxTHcchHnBXdA8LILuIwe2UGmRh9vjBzd2a9XRtS/
FNdQ6rm7B6yNW3ipsWcrjV3AjELbXOqcS4hmtfh+stQa2/kzg9YRG+Hc4gYHH0S3
zwSjLPtPA4JluJeSI/E6E9SzSyImHLB0GXLdweRlWiv+7ND12JxPZwTWWJ5iRg3v
OWJHvSSmO6IUEc0ZtgplAUJEYYUpjm1R3kk4+z/bplIVUnsU2y1BRFhV/Q0J3SMT
kzc+XILOh8B1Sg9UNNA5BfgAQ3HguaULDVveVJ7tJggYTX0q5EkTvYehISKYMT5A
9kf2YBF4HFRuBWPznQ==
-----END CERTIFICATE-----
Generated at Sat Sep 28 17:12:28 2024 by rpki-client on console-ams.rpki-client.org